March 15, 2019.
Fifth Annual Cybersecurity Conference for Executives
So does regulation have a downside? Its promised upside is clear enough: an analogue of public health and public safety measures, transposed to cyberspace. In a keynote that opened the proceedings at Johns Hopkins this week, Dr. Phyllis Schneck, Managing Director of the Global Cyber Solutions practice at Promontory Financial Group, began by drawing attention to the well-known principle that compliance isn't sufficient for security, still less synonymous with it.
She offered regulation of personally identifiable information (PII) as an example of regulatory insufficiency. PII is widely regulated, but there is a wealth of other types of data that aren’t, and which, when aggregated, can be at least as revelatory as what we commonly think of as PII. Information such as location data and buying habits, for example, can be just as valuable to an attacker as it is to the companies that collect the data.
One of the problems with regulation, she said, is that it shows the bad guys what you’re not doing, so they can invest their time and money into targeting areas that are unprotected. Attackers will always be ahead, because defenders have laws that restrict their actions. Attackers can adapt more quickly to new information, and they’re generally more open to sharing information with other attackers. Operational resilience is the only way to address this problem, Schneck argued. Companies need to have their recovery strategies set up in advance. She stressed that rehearsal is a necessary component of resilience. Companies need to ask themselves what they would do “if all the lights went out tomorrow,” so that they’re not dealing with that question when the lights actually do go out.
John Forte, Deputy Executive for Johns Hopkins University Applied Physics Laboratory’s Homeland Protection Mission Area, delivered the closing keynote. He took as his text the proliferation of interconnected devices. Transportation, healthcare, buildings and cities, education, and public safety are increasingly automated, and CISOs are going to need to deal with this trend soon. IoT devices will be used to assist in countless tasks, and all of these devices need to interact with each other. The challenge is getting them to interact securely, and building them so they can’t be hacked.
Forte said that the traditional consideration for a CISO is aligning the risk to the mission; in the future, however, CISOs will increasingly need to become business strategists. What CISOs need to start doing today is designing open, resilient, zero-trust architectures, mastering the supply chain, and enhancing automation and the use of AI. Forte noted that we’re currently in the very beginning stages of artificial intelligence.
Forty-nine people are dead in Christchurch, New Zealand, as anti-Muslim terrorists shot up two mosques during Friday prayers. Police have made four arrests, and one man has been charged with murder. Intent to carry out the massacre was announced online shortly before the murders began. The New York Times says a manifesto seeking the sadly familiar goals of terror and depraved inspiration also linked a shooter's Facebook page, where some seventeen minutes of the massacre were subsequently live-streamed, apparently from a camera worn by the shooter. Investigation continues. The video has been taken down, and authorities urge anyone who may have it to refrain from sharing.
China's National People's Congress, Agence France Presse reports, has approved a law said to be intended to inhibit government agencies from forcing foreign companies to give proprietary technology to their Chinese partners in joint ventures. The bill also makes a gesture in the direction of establishing mechanisms for adjudicating disputes over intellectual property among Chinese and international partners. The measure is widely seen as a peaceful gesture in the direction of Washington as Sino-American trade negotiations enter what appears to be their endgame, but few observers think the law will have much of an effect on Chinese conduct with respect to intellectual property.
OSSEC Con2019 (Herndon, Virginia, United States, March 20 - 21, 2019) OSSEC Con2019, “The Future of OSSEC: Security and Compliance for Cloud, On-Premise and Hybrid Environments” will take place March 20-21 in Herndon, VA. Join OSSEC users to share best practices and use cases with plenty of peer-to-peer networking.
US Warns of Sophisticated Cyberattacks From Russia, China (SecurityWeek) Cyberattacks from Russia, China, North Korea and Iran are increasingly sophisticated and, until recently, were done with little concern for the consequences, the top Pentagon cyber leaders told a congressional committee.
The Hunt: ISIS trying to reposition its messaging (WTOP) What’s ISIS’s message now that it has lost all of the territory it once held in Syria and Iraq? On this week’s edition of The Hunt with WTOP national security correspondent J.J. Green, an American…
Making it Rain - Cryptocurrency Mining Attacks in the Cloud (AT&T Alien Labs) By Chris Doman and Tom Hegel. Organizations of all sizes have made considerable shifts to using cloud-based infrastructure for their day-to-day business operations. However, cloud security hasn't always kept up with cloud adoption, and that leaves security gaps that hackers are more than happy to take advantage of. One of the most widely observed objectives of attacking an organization's cloud infrastructure has been for cryptocurrency mining. Despite recent falls in cryptocurrency
Most Antivirus Apps on Google Play Suck at Detecting Malware (PCMAG) The findings come from antivirus testing group AV-Comparatives, which tested 250 Android security apps to see how they performed against common malware strains. The reputable brands generally performed well, while the lesser-known ones fared poorly.
Location-Aware Malware Targets Japanese and Korean Endpoints (Security Boulevard) New malware samples use location awareness to specifically target Japanese and Korean endpoints. The malware uses two techniques to determine the location in which it is being executed and ensures that the payload will only be triggered in these regions. This approach matches two trends: 1) docs performing regional checks in targeted attacks, and 2) …
PEPPERL+FUCHS WirelessHART-Gateways (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 5.3. ATTENTION: Exploitable remotely/low skill level to exploit/public exploits are available. Vendor: PEPPERL+FUCHS. Equipment: WirelessHART-Gateways. Vulnerability: Path Traversal. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow access to files and restricted directories stored on the device through the manipulation of file
Gemalto Sentinel UltraPro (ICS-CERT) 1. EXECUTIVE SUMMARY: CVSS v3 6.5. ATTENTION: Low skill level to exploit. Vendor: Gemalto. Equipment: Sentinel UltraPro. Vulnerability: Uncontrolled Search Path Element. 2. RISK EVALUATION: Successful exploitation of this vulnerability could allow execution of unauthorized code or commands.
Unmasking War’s Changing Character (Modern War Institute) “Perhaps wars weren’t won anymore. Maybe they went on forever.” — Ernest Hemingway, A Farewell to Arms. War used to be easy to define. Once, we could say with confidence whether we were at war or peace. If the former, we could identify with whom we were fighting and where the front was. Americans …
ZTE’s State Owner to Cut Its Stake (Wall Street Journal) The state-backed owner of China’s ZTE said it would sell up to 3% of the shares outstanding in the telecom giant, which is recovering from a bruising run-in with U.S. authorities last year.
Two Top Facebook Executives Leaving Company (Wall Street Journal) Two Facebook Inc. senior executives said Thursday that they would leave the company—surprise departures that come days after CEO Mark Zuckerberg announced a major shift in direction for the company.
Forcepoint-Enabling Cybersecurity with Behavioural Analytics Solution (BFSI) Forcepoint delivers integrated behavior-based security solutions, that have been perfectly adapted to suit the industrial environment, specifically, products that provide more visibility into the potential threats, says Harshil Doshi, Strategic Security Solutions Head, Forcepoint.
Darktrace Launches Antigena Cyber AI to Fight Back Against Cyber Threats in Seconds (IT Toolbox) Darktrace, the AI company for cyber defense, has announced new Antigena AI Response modules that fight back autonomously, no matter where a threat may emerge. Expanding beyond network response, the new modules include Cloud (AWS & Azure), Email (Office365), and SaaS applications. Whether faced with a social engineering campaign, compromised cloud...
Protecting applications against DFA attacks (Help Net Security) There are several steps you can take to ensure that you are doing as much as possible to defend against DFA attacks. Learn more in this article from Arxan.
Cyber-Security Student Team Earns Regional Spot (University of Arkansas News) A U of A student cyber-defense team will return this month to the finals of an eight-school competition to see which university will emerge victorious at the end of a real-world cybersecurity gauntlet.
China approves foreign investment law, possible US olive branch (Yahoo News) China's rubber-stamp parliament approved a foreign investment law Friday that may serve as an olive branch in trade talks with the United States, but it received a lukewarm welcome from business groups. The legislation aims to address long-running grievances from foreign firms including stronger
SECURITY: Pentagon to utilities: Uncle Sam wants you (E&E News) The U.S. military is recruiting electric utilities and grid operators as partners in an aggressive new strategy aimed at spotting and blocking hackers before they launch a cyberattack on energy infrastructure.
MtGox bitcoin founder gets suspended sentence (France 24) The high-flying creator of the MtGox bitcoin exchange received a suspended jail sentence of two and a half years after a Japanese court Friday found him guilty on charges of data manipulation.
For a complete running list of events, please visit the Event Tracker on the CyberWire website.
National Cyber League Spring Season (Various, February 25 - March 24, 2019) The NCL is a defensive and offensive puzzle-based, capture-the-flag style cybersecurity competition. Its virtual training ground helps high school and college students prepare and test themselves against...
OSSEC Open Source Security Conference (Herndon, Virginia, USA, March 20 - 21, 2019) With tens of thousands of global users, OSSEC is the world’s most widely used open source host-based intrusion detection system. Join this exclusive event on March 20-21, 2019 at the Dulles Hilton in Herndon,...
KNOW 2019 (Las Vegas, Nevada, USA, March 24 - 27, 2019) The Future of Trust starts at KNOW 2019, the definitive event focused on the data economy. From Facebook and Equifax to GDPR, identity data is at the forefront of cybersecurity and regulation. KNOW is...
Cyber Security for Critical Assets Summit (Houston, Texas, USA, March 26 - 28, 2019) The Cyber Security for Critical Assets Summit unites 250+ senior IT & OT security professionals to elucidate the most advanced cybersecurity information, debate policies and guidelines, and collaborate...